Chromium: "Running without the SUID sandbox!" error

Download chrome-linux.zip from appropriate folder from here.

Extract the file - will get a folder called chrome-linux.

Move the folder to wherever you want - I move it to my home folder.

• navigate to that folder

• open a terminal there

Previous two step might be reversed.

Run these four commands individually:

sudo mv chrome_sandbox chrome-sandbox
sudo chown root chrome-sandbox
sudo chmod 4755 chrome-sandbox
./chrome-wrapper

When I do that, I am good to go.

Do:

$ export DISPLAY=:0.0 && ./chrome --no-sandbox

Development of chrome sandbox stopped early 2016 (latest version of chrome-linux (64bit) that Lyle mentioned is http://commondatastorage.googleapis.com/chromium-browser-continuous/index.html?prefix=Linux_x64/382014/ which is from March 2016, more than a year ago).

See the comment at the TOP of https://chromium.googlesource.com/chromium/src/+/master/docs/linux_suid_sandbox_development.md which refers to the discussion here: https://bugs.chromium.org/p/chromium/issues/detail?id=598454 -- a bug that was closed as Fixed on 21 June 2016.

That discussion seems to indicate that with the appropriate kernel support it is safe to run chrome with --disable-setuid-sandbox which should cause chrome to stop even looking for the sandbox, but refuse to run if your kernel hasn't got the support to safely do so.

Nevertheless, at this moment (April 2017) ubuntu Stable (Xenial) still comes with the sandbox; package chromium-browser contains: /usr/lib/chromium-browser/chrome-sandbox which is setuid root. The reason that I did got the error in the title of this question is that I was running a special version of chrome that was part of a package that came with an application (a SecondLife viewer) that found it necessary to provide their own version of the browser. Needless to say that this downloaded package wasn't installed with setuid root :p (nor would I suggest to change it to 4755, because that doesn't sound very secure to do).